Active Directory / Windows Authentication
The default authentication in dbFront is Active Directory / Windows Authentication. If dbFront is installed on a server or workstation that does not have access to an Active Directory server then dbFront will have the local server or workstation manage the authentication. If Active Directory is found then dbFront will defer to Active Directory.
Active Directory / Windows Authentication is required for all users that need to set up or administer dbFront.
To set this authentication type for users you need to update the Connection Access so that it uses Windows Authentication. For more details see: Connection Access. Once you choose Windows Authentication, two new tabs will be opened where you can select the access for specific groups and users.
The Group tab allows you to set the Update Group, Readonly Group, and Default access level.
The Update Group will specify the list of users that have Update access to the databases and tables managed by this connection.
The Readonly Group will specify the list of users that have Readonly access to the databases and tables managed by this connection. Readonly users won't be able to update any data. They will also not be able to click on any action buttons.
If a user is a member of both the Update and Readonly groups then the Readonly restriction will apply.
Default access applies to all users not specifically assigned either Update or ReadOnly access. If you have a large number of users to manage then you can set up the dbFront Service to limit access to a specific group of users. You can then use the default access setting to specify their default access level. For more details see dbFront Users below.
The Users tab is for those instances where it is necessary to manage or override user access on an individual basis. Users start with "Default" access. You can easily change each user's access by dragging them to the appropriate column.
Assignments made on this table override all other access except Administrative.
NOTE: If the user list is too large (more then 5000 dbFront users), then this tab will no longer allow selection from the entry list. In that case, limit the dbFront user count by means of a specific dbFrontUsers group or else use the security groups to manage application user access.
This is for all normal users who will be searching for and updating data. Hidden tables will be hidden (except where they are needed to populate drop-downs).
The Readonly access level is reserved for users that you only want to give read-only access to the data. Their access will be similar to the Update group but they won't be able to update any data. Users with Readonly access will also be blocked from clicking on action buttons that might update data. It is possible to override that restriction using special Action Button security.
Users assigned None access, won't have any access to the database.
Users with Default access will have their access determined by the settings on the Group tab.
Windows Authentication Setup
Authentication for dbFront is managed by the dbFront service. This service should be installed inside your network with ready access to the database server and your authentication servers. For detailed information on setting up the service see: Application Service Install
The application service has three settings that can be used to select which users have default access to dbFront. For more details see: dbFront Users
More Security Options
For more security options see: Authentication Overview